How to use an SSH key with a passphrase for SSH forwarding
Scenario 1: I had set up an SSH key with a passphrase to access all my servers/machines. However, it's annoying (and unproductive) to enter the passphrase every time I want to SSH into another machine.
Scenario 2: I want to clone a git repo onto a machine other than my laptop. However, access to that git repo is authorised only from my laptop (that is, for my laptop's SSH keys). I have two options:
- Copy my SSH private key over to the other machine from which I want to clone the repo. However, this is very insecure, as you are copying the private key to another machine.
- Use SSH agent-based forwarding. Read below for more info:
Solution: Use the SSH agent to manage the identity keys (SSH keys) and their passphrases. You can automate this by adding the following code to your .bashrc file:
eval `ssh-agent -s`
ssh-add -K ~/.ssh/id_rsa
The above launches an ssh-agent process, which ssh-add then uses to add the identity file. The “-K” option of ssh-add stores the passphrase in the user's keychain, so that you don’t have to enter the passphrase at every login.
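Run as written, those two lines start a new ssh-agent in every terminal. The following is an added example (not code from the original post) that reuses a running agent and starts one only when none is reachable; the SSH_AGENT_ENV path, the SSH_KEY_FILE variable and the ensure_agent function name are assumptions.

```bash
# Added example for ~/.bashrc: reuse one ssh-agent instead of starting one per terminal.
# SSH_AGENT_ENV is an assumed location for the saved agent variables (not from the post).
SSH_AGENT_ENV="${SSH_AGENT_ENV:-$HOME/.ssh/agent.env}"
SSH_KEY_FILE="${SSH_KEY_FILE:-$HOME/.ssh/id_rsa}"

ensure_agent() {
    local rc

    # Pick up an agent started by an earlier shell, if this shell has none yet.
    if [ -z "${SSH_AUTH_SOCK:-}" ] && [ -r "$SSH_AGENT_ENV" ]; then
        . "$SSH_AGENT_ENV" >/dev/null
    fi

    # ssh-add -l exits 0 if the agent holds keys, 1 if it is reachable but
    # holds none, and 2 if no agent can be contacted (e.g. a stale socket).
    ssh-add -l >/dev/null 2>&1 && rc=0 || rc=$?

    case "$rc" in
        0) return 0 ;;                      # agent running, key already loaded
        1) ssh-add -K "$SSH_KEY_FILE" ;;    # agent running, load the key
        *)                                  # no usable agent: start one, save its env
            (umask 077; ssh-agent -s > "$SSH_AGENT_ENV")
            . "$SSH_AGENT_ENV" >/dev/null
            ssh-add -K "$SSH_KEY_FILE" ;;   # -K kept from the post's command
    esac
}

# Only interactive shells should start an agent or prompt for a passphrase.
case $- in
    *i*) ensure_agent ;;
esac
```
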
On most Linux-based machines, the .bashrc file is executed by default when you launch a terminal. If you are using iTerm2 on macOS, you might want to set it up explicitly by going to iTerm2 Preferences –> Profiles –> Command –> ‘Send text at start’ and entering “source ~/.bashrc”.
Read more about SSH forwarding: http://www.unixwiz.net/techtips/ssh-agent-forwarding.html
Hope it helps.